Watch This $200 3-D-Printed Robot Crack Your iPhone

This robot can beat your smartphone’s passcode in a matter of hours just by tapping on the screen. As maker technology improves, physical input is starting to become a more potent attack vector.

You might trust your phone’s four-digit PIN to keep an Apple picker from cracking your precious smartphone, but if they’ve got $200 to blow on a 3-D-printed machine, the Robotic Reconfigurable Button Basher (R2B2) can bust your phone wide open.

The R2B2 isn’t fancy: It cracks codes through sheer brute-force determination, but it works with buttons, touch screens, or pattern-tracing codes. It will punch in a code per second, exhaustively cracking an Android four-digit PIN within 20 hours, but "times for other devices vary depending on lockout policies and related defenses."

R2B2’s inventors, security researchers Justin Engler and Paul Vines, developed the machine to prove the "nobody’s going to try all 10,000 combinations" argument wrong. They even did it for under $200 using a few servomotors, an Arduino chip, 3-D-printed parts from a desktop Makerbot, and a $5 webcam that tracks whether the code’s been cracked. Its open-source software can be used on Mac or PC and controlled via USB.

Not all phones are as susceptible to the R2B2’s repetitive attacks—iOS, for example, increases the time between PIN attempts after each wrong guess—but Android’s factory settings institute just one 30-second delay after every five wrong tries, meaning the R2B2 can make approximately 35 guesses per minute. This means it can find the right PIN within 19 hours and 24 minutes, according to Forbes’ calculations.

Engler and Vines will release the part blueprints when they debut the R2B2 at next month’s Def Con, but the first demo will take place at the Black Hat USA 2013 security conference in Vegas at the end of the month. Debuting alongside R2B2 will be its sister device, the Capacitive Cartesian Coordinate Bruteforcing Overlay (C3BO). Unlike the pad-tapping R2B2, the C3BO electronically stimulates touchscreens, which can work faster than the R2B2 in some circumstances.

Engler and Vines plan on improving the robot to crack non-digital PIN devices such as ATMs and safes, all in the name of increased security. Their point is that putting just a little more thought into how we secure our devices can help. Thieves might willingly take 20 hours to crack a CEO’s phone for sensitive emails, but even ramping up from a four-digit to a six-digit PIN adds up to 80 days to the R2B2’s cracking time.
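The lockout arithmetic above, as an added example (not from the article or the R2B2 project): it models each policy as a delay schedule and computes the worst-case time to enter every PIN of a given length. The one-guess-per-second rate and the 30-second delay after five wrong tries come from the article; the escalating schedule and the wipe-after-10 setting are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Callable, Optional


@dataclass
class LockoutPolicy:
    name: str
    delay_after: Callable[[int], float]  # forced wait (s) after the n-th wrong guess
    wipe_after: Optional[int] = None     # device erases itself at this many wrong guesses


def fixed_delay(every: int, seconds: float) -> Callable[[int], float]:
    """One fixed pause after every `every` wrong guesses (the Android default above)."""
    return lambda n: seconds if n % every == 0 else 0.0


def escalating(free: int, base: float, cap: float) -> Callable[[int], float]:
    """Constructed schedule: no delay for `free` guesses, then doubling up to `cap`."""
    return lambda n: 0.0 if n <= free else min(cap, base * 2 ** min(n - free - 1, 30))


def worst_case_seconds(digits: int, policy: LockoutPolicy,
                       seconds_per_guess: float = 1.0) -> Optional[float]:
    """Time to enter every PIN of this length, or None if the device wipes first."""
    keyspace = 10 ** digits
    total = 0.0
    for n in range(1, keyspace + 1):
        total += seconds_per_guess
        if n == keyspace:          # worst case: the last candidate is the right one
            return total
        if policy.wipe_after is not None and n >= policy.wipe_after:
            return None            # data is gone before the keyspace is exhausted
        total += policy.delay_after(n)
    return total


POLICIES = [
    LockoutPolicy("no lockout", lambda n: 0.0),
    LockoutPolicy("30 s after every 5 wrong", fixed_delay(5, 30.0)),
    LockoutPolicy("escalating, capped at 1 h (constructed)", escalating(5, 60.0, 3600.0)),
    LockoutPolicy("wipe after 10 wrong (assumed setting)", lambda n: 0.0, wipe_after=10),
]

if __name__ == "__main__":
    for digits in (4, 6):
        for p in POLICIES:
            t = worst_case_seconds(digits, p)
            result = "wiped before exhaustion" if t is None else f"{t / 3600:,.1f} h"
            print(f"{digits}-digit PIN, {p.name}: {result}")
```

With the 30-second policy this gives roughly 19.4 hours for four digits and about 81 days for six, in line with the figures quoted above; a capped escalating delay or a wipe threshold changes the outcome far more than PIN length does.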



  • Bullshit! I love magazines that are supposed to have an Editorial like NatGeo... if the Editorial Director isn't doing his job, then change him. You lost a reader today, keep up the good work, but don't cry when you are all made redundant.

    Fact: A) If an iOS device (not jailbroken) is set up properly, after ten attempts (even if you have a simple lock code) the iDevice is wiped. B) After that it can only be unblocked by your AppleID, so the machine can keep punching codes from there to infinity and back. C) No one will ever access your data or the iDevice (iOS7) as it's rendered unusable automatically. D) If you've got 2-Step verification activated, nobody but the holder of the second key is going to be able to enable it back (better not lose the backup codes). E) Everything aforementioned holds true as long as there's no intervention by the NSA or Apple Inc. itself, which I doubt they would ever do.

    With regard to Androids you are in the jungle... Better get something made by Google's Motorola.

  • Todd Bernhard

    The video shows an Android phone. The article states "Not all phones are as susceptible to the R2B2’s repetitive attacks--iOS, for example, increases the time between PIN attempts after each wrong guess-" 

    Yet the attention-grabbing headline changes it to iPhone.

  • James McBennett

    I remember my old Nokia needed a PUK code if the wrong PIN was entered five times. Why doesn't the phone lock if the wrong PIN is entered 5-10 times? Also, you can always shut the phone down remotely if it's lost/stolen.